package com.tuzhi.utils;

import com.tuzhi.common.exception.BusinessException;
import lombok.Data;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;

import javax.annotation.PostConstruct;
import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.*;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;



@Service
@Lazy
public class RsaEncipherUtil  {



    /**
     * 加密算法RSA
     */
    public static final String KEY_ALGORITHM = "RSA";

    /**
     * 签名算法
     */
    public static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    /**
     * 获取公钥的key
     */
    public static final String PUBLIC_KEY_STR = "PublicKeyStr";

    /**
     * 获取私钥的key
     */
    public static final String PRIVATE_KEY_STR = "PrivateKeyStr";

    /**
     * RSA最大加密明文大小(字节数)
     */
    private static final int MAX_ENCRYPT_BLOCK = 117;

    /**
     * RSA最大解密密文大小(字节数)
     */
    private static final int MAX_DECRYPT_BLOCK = 128;

//    @Autowired
//    private  RedisTemplate<String,String> redisTemplate;

    private static RedisTemplate<String, String> redisTemplate;
    @Value("${rsa.key-seed}")
    private  String rsa;


    @Autowired
    public void setRedisTemplate(RedisTemplate<String, String> redisTemplate) {
        RsaEncipherUtil.redisTemplate = redisTemplate;
    }

    // 静态代码块
    @PostConstruct
    public void init() {
        // 在 Bean 初始化完成后删除缓存
        deleteCache();
    }
    private static void deleteCache() {
        redisTemplate.opsForValue().getOperations().delete(PUBLIC_KEY_STR);
        redisTemplate.opsForValue().getOperations().delete(PRIVATE_KEY_STR);
        System.out.println("Redis 缓存已删除: " + PUBLIC_KEY_STR + ", " + PRIVATE_KEY_STR);
    }



    /**
     * @description: 生成公钥私钥
     * @date: 2024/1/17 14:47
     * @param
     * @return java.util.Map<java.lang.String,java.lang.String>
     */
    public  Map<String, String>   initKeyPair() throws Exception {
//        KeyPairGenerator kpg = KeyPairGenerator.getInstance(KEY_ALGORITHM);
//        kpg.initialize(1024);
//        KeyPair keyPair = kpg.generateKeyPair();
//        PublicKey publicKey = keyPair.getPublic();
//        PrivateKey privateKey = keyPair.getPrivate();

        // 使用种子字符串生成随机数源
        SecureRandom secureRandom = new SecureRandom(rsa.getBytes());

        // 生成RSA密钥对
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(1024, secureRandom);
        KeyPair keyPair = kpg.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        String publicKeyStr = encryptBASE64(publicKey.getEncoded());
        String privateKeyStr = encryptBASE64(privateKey.getEncoded());

        // 存入Redis
        redisTemplate.opsForValue().set(PUBLIC_KEY_STR, publicKeyStr);
        redisTemplate.opsForValue().set(PRIVATE_KEY_STR, privateKeyStr);

        Map<String, String> keyMap = new HashMap<>();
        keyMap.put(PUBLIC_KEY_STR, publicKeyStr);
        keyMap.put(PRIVATE_KEY_STR, privateKeyStr);
        return keyMap;
    }

    /**
     * 获取redis 的公钥秘钥
     * @return
     * @throws Exception
     */
    public    Map<String, String> getPublicKeyAndPrivateKey() {
        Map<String, String> keyMap = new HashMap<>();
        String publicKeyStr;
        String privateKeyStr;
        publicKeyStr = redisTemplate.opsForValue().get(RsaEncipherUtil.PUBLIC_KEY_STR);
        privateKeyStr = redisTemplate.opsForValue().get(RsaEncipherUtil.PRIVATE_KEY_STR);
        if ((null==publicKeyStr || publicKeyStr.isEmpty()) && null==privateKeyStr || privateKeyStr.isEmpty()){
            Map<String, String> stringStringMap = null;
            try {
                stringStringMap = initKeyPair();
            } catch (Exception e) {
                throw new BusinessException("获取公钥私钥异常");
            }
            return stringStringMap;
        }
        keyMap.put(PUBLIC_KEY_STR, publicKeyStr);
        keyMap.put(PRIVATE_KEY_STR, privateKeyStr);
        return keyMap;
    }

    /**
     * @description:  公钥加密
     * @date: 2024/1/17 14:49
     * @param str 待加密字符串
     * @param key 公钥
     * @return java.lang.String
     */
    public  String encryptByPublicKey(String str, String key) throws Exception {
        byte[] data = str.getBytes();
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);

        byte[] bytes = dataSegment(data, cipher, MAX_ENCRYPT_BLOCK);
        return encryptBASE64(bytes);
    }


    /**
     * @description:  私钥解密
     * @date: 2024/1/17 14:52
     * @param str 待解密字符串
     * @param key 私钥
     * @return java.lang.String
     */
    public static String decryptByPrivateKey(String str, String key)  {

        // 检查输入字符串是否是有效的 Base64 编码的数据
        try {
            Base64.getDecoder().decode(str);
        } catch (IllegalArgumentException e) {
            throw new BusinessException("输入字符串不是有效的Base64编码加密数据");
        }
        byte[] data = decryptBASE64(str);
        byte[] bytes;
        Cipher cipher;
        PrivateKey privateKey = null;
        try {
            privateKey = strToPrivateKey(key);
            cipher = Cipher.getInstance(KEY_ALGORITHM);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            bytes = dataSegment(data, cipher, MAX_DECRYPT_BLOCK);
        } catch (Exception e) {
            throw new BusinessException("不是有效的加密数据"+ e.getMessage());
        }

        return new String(bytes);
    }


    /**
     * @description:  私钥加密
     * @date: 2024/1/17 14:58
     * @param str 待加密字符串
     * @param key 私钥
     * @return java.lang.String
     */
    public static String encryptByPrivateKey(String str, String key) throws Exception {
        byte[] data = str.getBytes();
        PrivateKey privateKey = strToPrivateKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        cipher.init(Cipher.ENCRYPT_MODE, privateKey);

        byte[] bytes = dataSegment(data, cipher, MAX_ENCRYPT_BLOCK);
        return encryptBASE64(bytes);
    }


    /**
     * @description:  公钥解密
     * @date: 2024/1/17 15:23
     * @param str 待解密字符串
     * @param key 公钥
     * @return java.lang.String
     */
    public static String decryptByPublicKey(String str, String key) throws Exception {
        byte[] data = decryptBASE64(str);
        PublicKey publicKey = strToPublicKey(key);
        Cipher cipher = Cipher.getInstance(KEY_ALGORITHM);
        cipher.init(Cipher.DECRYPT_MODE, publicKey);

        byte[] bytes = dataSegment(data, cipher, MAX_DECRYPT_BLOCK);
        return new String(bytes);
    }


    /**
     * @description:  使用私钥对数据进行数字签名
     * @date: 2024/1/17 15:36
     * @param str 待加签字符串
     * @param privateKey 私钥
     * @return java.lang.String
     */
    public static String sign(String str, String privateKey) throws Exception {
        byte[] data = str.getBytes();
        PrivateKey priKey = strToPrivateKey(privateKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(priKey);
        signature.update(data);
        byte[] bytes = signature.sign();
        return encryptBASE64(bytes);
    }


    /**
     * @description: 使用公钥对数据验证签名
     * @date: 2024/1/17 15:46
     * @param str 待验签字符串(即要加签的内容)
     * @param publicKey 公钥
     * @param sign 数据签名
     * @return boolean
     */
    public static boolean verify(String str, String publicKey, String sign) throws Exception {
        byte[] data = str.getBytes();
        byte[] signBytes = decryptBASE64(sign);
        PublicKey pubKey = strToPublicKey(publicKey);
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initVerify(pubKey);
        signature.update(data);
        return signature.verify(signBytes);
    }



    /**
     * @description: 对数据进行分段加密或解密
     * @date: 2024/1/17 16:11
     * @param data
     * @param cipher
     * @param maxBlock
     * @return byte[]
     */
    private static byte[] dataSegment(byte[] data, Cipher cipher, int maxBlock) throws Exception{
        byte[] toByteArray;
        int inputLen = data.length;
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        int offSet = 0;
        int i = 0;
        byte[] cache;
        // 对数据分段加密解密
        while (inputLen - offSet > 0) {
            int var = inputLen - offSet > maxBlock ? maxBlock : inputLen - offSet;
            cache = cipher.doFinal(data, offSet, var);
            out.write(cache, 0, cache.length);
            i++;
            offSet = i * maxBlock;
        }
        toByteArray = out.toByteArray();
        out.close();
        return toByteArray;
    }


    /**
     * @description: 获取私钥
     * @date: 2024/1/17 14:57
     * @param str 私钥字符串
     * @return java.security.PrivateKey
     */
    private static PrivateKey strToPrivateKey(String str) throws Exception {
        PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PrivateKey privateKey = keyFactory.generatePrivate(pkcs8KeySpec);
        return privateKey;
    }

    /**
     * @description: 获取公钥
     * @date: 2024/1/17 14:57
     * @param str 公钥字符串
     * @return java.security.PrivateKey
     */
    private static PublicKey strToPublicKey(String str) throws Exception {
        X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(decryptBASE64(str));
        KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM);
        PublicKey publicKey = keyFactory.generatePublic(x509KeySpec);
        return publicKey;
    }


    /**
     * @description:  字节数组转字符串
     * @date: 2024/1/17 14:59
     * @param bytes 字节数组
     * @return java.lang.String
     */
    private static String encryptBASE64(byte[] bytes) {
        return Base64.getEncoder().encodeToString(bytes);
    }


    /**
     * @description: 字符串转字节数组
     * @date: 2024/1/17 15:00
     * @param str 字符串
     * @return byte[]
     */
    private static byte[] decryptBASE64(String str) {
        return Base64.getDecoder().decode(str);
    }

}
